Browse Source

icu: fix CVE-2017-14952 Double-Free Vulnerability

http://www.sourcebrella.com/blog/double-free-vulnerability-international-components-unicode-icu/

https://security-tracker.debian.org/tracker/CVE-2017-14952

Signed-off-by: Hirokazu MORIKAWA <morikw2@gmail.com>
lilik-openwrt-22.03
Hirokazu MORIKAWA 7 years ago
committed by Yousong Zhou
parent
commit
f90bba4046
2 changed files with 11 additions and 1 deletions
  1. +1
    -1
      libs/icu/Makefile
  2. +10
    -0
      libs/icu/patches/CVE-2017-14952.patch

+ 1
- 1
libs/icu/Makefile View File

@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk
PKG_NAME:=icu4c
PKG_VERSION:=59.1
PKG_RELEASE:=2
PKG_RELEASE:=3
PKG_SOURCE:=$(PKG_NAME)-59_1-src.tgz
PKG_SOURCE_URL:=http://download.icu-project.org/files/$(PKG_NAME)/$(PKG_VERSION)


+ 10
- 0
libs/icu/patches/CVE-2017-14952.patch View File

@ -0,0 +1,10 @@
Index: source/i18n/zonemeta.cpp
===================================================================
--- source/i18n/zonemeta.cpp (revision 40283)
+++ source/i18n/zonemeta.cpp (revision 40324)
@@ -691,5 +691,4 @@
if (U_FAILURE(status)) {
delete mzMappings;
- deleteOlsonToMetaMappingEntry(entry);
uprv_free(entry);
break;

Loading…
Cancel
Save